<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=Content-Type content="text/html; charset=iso-8859-1">
<META content="MSHTML 6.00.2800.1649" name=GENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY>
<DIV><FONT face="Courier New" size=2>Okay. At one end is a 2620 running 12.3(15)
IPBase, with a 4NME card. At the other is a 7206. Between them are three DSL
lines, all running in bridged mode. Two are bonded together between the DSL
modem and the DSLam, so essentially, we have two long Ethernet lines, plugged
into ports ethernet1/0 and ethernet1/1 on the 2620.</FONT></DIV>
<DIV><FONT face="Courier New" size=2></FONT> </DIV>
<DIV><FONT size=2></FONT><FONT face="Courier New"
size=2>
/--------C1 ~~~~\<BR>A ~~~~~~~
B<
> D<BR>
\========C2 ~~~~/</FONT></DIV>
<DIV><FONT face="Courier New"></FONT> </DIV><FONT size=2>
<DIV><BR><FONT face="Courier New">A (Cisco 7206, FE2/0)<BR>B (Zhone
Bitstorm)<BR>~ (ethernet link)<BR>- (single DSL line)<BR>= (bonded DSL
lines)<BR>D (Cisco 2620, 4NME card, E1/0 and E1/1)</FONT></DIV>
<DIV><FONT face="Courier New"></FONT> </DIV>
<DIV><FONT face="Courier New">Essentially it all seems to work, turning it up
with one port binds virtual access 1 to the multilink PPP connection. But when
both ports on turned up on the 2620, it binds the second port, but then the
second port begins to go up and down and massive packet loss starts occuring.
It's not the DSL line, we tried both lines separately in port 1, but work great.
It's not the port, the same problem occurs if we using ethernet1/2 as the second
port, instead of E1/1. I was just guessing at the config to make this work and I
may have done it completely wrongly.</FONT></DIV>
<DIV><FONT face="Courier New"></FONT> </DIV>
<DIV><FONT face="Courier New">Cisco 2620 config....</FONT></DIV>
<DIV><FONT face="Courier New"></FONT> </DIV>
<DIV><FONT face="Courier New">Current configuration : 1388 bytes<BR>!<BR>version
12.3<BR>service timestamps debug datetime msec<BR>service timestamps log
datetime msec<BR>no service password-encryption<BR>!<BR>hostname
Quickcash<BR>!<BR>boot-start-marker<BR>boot-end-marker<BR>!<BR>enable secret 5
xxxxxxxx.<BR>!<BR>aaa new-model<BR>!<BR>!<BR>aaa authentication login default
local<BR>aaa accounting delay-start<BR>aaa session-id common<BR>ip
subnet-zero<BR>ip cef<BR>!<BR>!<BR>!<BR>vpdn enable<BR>vpdn ip udp ignore
checksum<BR>!<BR>vpdn-group 1<BR> request-dialin<BR> protocol
pppoe<BR>!<BR>!<BR>username admin password 0
xxxxxxxx<BR>!<BR>!<BR>!<BR>interface FastEthernet0/0<BR> ip address
xxx.24.2.89 255.255.255.248<BR> duplex auto<BR> speed
auto<BR>!<BR>interface Ethernet1/0<BR> no ip
address<BR> full-duplex<BR> pppoe enable<BR> pppoe-client
dial-pool-number 1<BR>!<BR>interface Ethernet1/1<BR> no ip
address<BR> shutdown<BR> full-duplex<BR> pppoe
enable<BR> pppoe-client dial-pool-number 1<BR>!<BR>interface
Ethernet1/2<BR> no ip
address<BR> shutdown<BR> full-duplex<BR> pppoe
enable<BR> pppoe-client dial-pool-number 1<BR>!<BR>interface
Ethernet1/3<BR> no ip
address<BR> shutdown<BR> half-duplex<BR>!<BR>interface
Dialer1<BR> ip address xxx.24.12.100 255.255.255.0<BR> ip mtu
1420<BR> encapsulation ppp<BR> dialer pool 1<BR> dialer-group
1<BR> ppp authentication pap callin<BR> ppp pap sent-username
quickcash1 password 0 xxxxxxxx<BR> ppp multilink<BR> ppp
multilink links minimum 2<BR>!<BR>ip classless<BR>ip route 0.0.0.0 0.0.0.0
Dialer1<BR>no ip http server<BR>!<BR>!<BR>line con 0<BR>line aux 0<BR>line vty 0
4<BR> transport preferred none<BR> transport input
telnet<BR>!<BR>!<BR>end<BR></FONT></FONT></DIV>
<DIV><FONT face="Courier New" size=2>Cisco 7206 Config....</FONT></DIV>
<DIV><FONT face="Courier New" size=2></FONT> </DIV>
<DIV><FONT face="Courier New" size=2>Current configuration : 11227
bytes<BR>!<BR>version 12.3<BR>service timestamps debug datetime msec<BR>service
timestamps log datetime msec<BR>no service password-encryption<BR>!<BR>hostname
gw1.armplc<BR>!<BR>boot-start-marker<BR>boot-end-marker<BR>!<BR>enable secret 5
xxxxxxxx<BR>!<BR>aaa new-model<BR>!<BR>!<BR>aaa group server radius
WinAuthAcct<BR> server xxx.24.27.48 auth-port 1812 acct-port
1813<BR> server xxx.24.27.49 auth-port 1812 acct-port 1813<BR>!<BR>aaa
authentication login default local<BR>aaa authentication ppp default local group
WinAuthAcct<BR>aaa authorization exec default local none<BR>aaa authorization
network default local group WinAuthAcct if-authenticated<BR>aaa accounting
delay-start<BR>aaa accounting update newinfo<BR>aaa accounting network default
start-stop broadcast group WinAuthAcct<BR>aaa session-id common<BR>ip
subnet-zero<BR>no ip source-route<BR>!<BR>!<BR>ip cef<BR>ip telnet
source-interface Loopback100<BR>ip tftp source-interface Loopback100<BR>ip
domain list win.net<BR>ip domain name win.net<BR>ip name-server
xxx.24.27.3<BR>ip name-server xx.235.0.25<BR>ip name-server
xxx.24.27.4<BR>!<BR>no ip bootp
server<BR>pppoe-forwarding<BR>!<BR>!<BR>!<BR>!<BR>!<BR>!<BR>!<BR>!<BR>!<BR>!<BR>!<BR>username
admin secret 5 xxxxxxxx<BR>username quickcash1 password 0
xxxxxxxx<BR>!<BR>!<BR>controller T3 6/0<BR>!<BR>!<BR>bba-group pppoe
global<BR> virtual-template 1<BR>!<BR>bba-group pppoe
global1<BR> virtual-template 2<BR>!<BR>!<BR>interface
Loopback100<BR> description gw1.armplc.win.net loopback
interface<BR> ip address 216.24.30.16 255.255.255.255<BR> no ip
redirects<BR> no ip unreachables<BR> no ip proxy-arp<BR>!<BR>interface
FastEthernet1/0<BR> ip address xxx.24.8.1 255.255.255.0<BR> duplex
full<BR>!<BR>interface FastEthernet1/0.2<BR> encapsulation dot1Q
2<BR> ip address xxx.24.12.193 255.255.255.192<BR> pppoe enable group
global<BR> no snmp trap link-status<BR>!<BR>interface
FastEthernet1/0.3<BR> encapsulation dot1Q 3<BR> ip tcp adjust-mss
1360<BR> pppoe enable group global1<BR> no snmp trap
link-status<BR>!<BR>interface FastEthernet1/0.16<BR> encapsulation dot1Q
16<BR> no snmp trap link-status<BR>!<BR>interface
FastEthernet1/0.17<BR> encapsulation dot1Q 17<BR> no snmp trap
link-status<BR>!<BR>interface FastEthernet2/0<BR> no ip
address<BR> shutdown<BR> duplex half<BR>!<BR>interface
Serial3/0<BR> description Armory Place CO to Heyburn<BR> bandwidth
44210<BR> ip address 216.24.28.246 255.255.255.252<BR> ip route-cache
flow<BR> dsu bandwidth 44210<BR> framing c-bit<BR> cablelength
50<BR> serial restart-delay 0<BR> no cdp enable<BR>!<BR>interface
Serial3/1<BR> no ip address<BR> shutdown<BR> dsu bandwidth
44210<BR> framing c-bit<BR> cablelength 10<BR> serial
restart-delay 0<BR>!<BR>interface Serial4/0<BR> no ip
address<BR> shutdown<BR> dsu bandwidth 44210<BR> framing
c-bit<BR> cablelength 10<BR> serial restart-delay 0<BR>!<BR>interface
ATM5/0<BR> no ip address<BR> shutdown<BR> no atm
ilmi-keepalive<BR>!<BR>interface Virtual-Template1<BR> ip unnumbered
FastEthernet1/0.2<BR> ip tcp adjust-mss 1360<BR> peer default ip
address pool pppoepool<BR> ppp authentication pap chap<BR>!<BR>interface
Virtual-Template2<BR> mtu 1400<BR> ip unnumbered
FastEthernet1/0.3<BR> peer default ip address pool pppoepool<BR> ppp
mtu adaptive<BR> ppp authentication pap chap<BR>!<BR>router ospf
5150<BR> log-adjacency-changes<BR> area 0 authentication
message-digest<BR> summary-address 216.24.9.0
255.255.255.128<BR> redistribute connected subnets route-map
ospf-redistrib<BR> redistribute static subnets route-map
ospf-redistrib<BR> passive-interface default<BR> no passive-interface
FastEthernet1/0<BR> no passive-interface Serial3/0<BR> no
passive-interface Loopback100<BR> network 24.235.0.0 0.0.31.255 area
0<BR> network 216.24.0.0 0.0.63.255 area 0<BR>!<BR>ip local pool pppoepool
216.24.12.100 216.24.12.180<BR>ip classless<BR>ip route 0.0.0.0 0.0.0.0
Serial3/0<BR>ip route 216.24.2.88 255.255.255.248 216.24.12.100<BR>ip route
216.24.35.91 255.255.255.255 216.24.12.100<BR>no ip http
server<BR>!<BR>!<BR>!<BR>ip access-list standard allow-our-nets<BR> permit
216.24.0.0 0.0.63.255<BR> permit 24.235.0.0 0.0.31.255<BR>!<BR>ip
access-list extended in-block-all-smtp-nb<BR> deny tcp any any
eq smtp log-input<BR> deny tcp any any range 135 139
log-input<BR> permit udp any eq netbios-ns host 216.24.27.3 eq
domain<BR> permit udp any eq netbios-ns host 216.24.27.4 eq
domain<BR> permit udp any eq netbios-ns host 199.120.154.17 eq
domain<BR> permit udp host 216.24.27.3 eq domain any eq
netbios-ns<BR> permit udp host 216.24.27.4 eq domain any eq
netbios-ns<BR> permit udp host 199.120.154.17 eq domain any eq
netbios-ns<BR> deny udp any any eq
netbios-ns<BR> deny udp any any range 135 netbios-ss
log-input<BR> deny tcp any any eq 445
log-input<BR> deny udp any any eq 445 log-input<BR> permit
ip any any<BR>ip access-list extended in-block-nb<BR> remark -- Same as
out-block-nb<BR> deny tcp any any range 135 139
log-input<BR> permit udp any eq netbios-ns host 216.24.27.3 eq
domain<BR> permit udp any eq netbios-ns host 216.24.27.4 eq
domain<BR> permit udp any eq netbios-ns host 199.120.154.17 eq
domain<BR> permit udp host 216.24.27.3 eq domain any eq
netbios-ns<BR> permit udp host 216.24.27.4 eq domain any eq
netbios-ns<BR> permit udp host 199.120.154.17 eq domain any eq
netbios-ns<BR> deny udp any any eq
netbios-ns<BR> deny udp any any range 135 netbios-ss
log-input<BR> deny tcp any any eq 445
log-input<BR> deny udp any any eq 445 log-input<BR> permit
ip any any<BR>ip access-list extended in-block-smtp-nb<BR> permit tcp any
216.24.27.0 0.0.0.255 eq smtp<BR> deny tcp any any eq smtp
log-input<BR> deny tcp any any range 135 139
log-input<BR> permit udp any eq netbios-ns host 216.24.27.3 eq
domain<BR> permit udp any eq netbios-ns host 216.24.27.4 eq
domain<BR> permit udp any eq netbios-ns host 199.120.154.17 eq
domain<BR> permit udp host 216.24.27.3 eq domain any eq
netbios-ns<BR> permit udp host 216.24.27.4 eq domain any eq
netbios-ns<BR> permit udp host 199.120.154.17 eq domain any eq
netbios-ns<BR> deny udp any any eq
netbios-ns<BR> deny udp any any range 135 netbios-ss
log-input<BR> deny tcp any any eq 445
log-input<BR> deny udp any any eq 445 log-input<BR> permit
ip any any<BR>ip access-list extended in-dangerously-allow-all<BR> permit
ip any any<BR>ip access-list extended in-permitlog-smtp<BR> remark -- This
one is used to see who we need to not apply blocksmtp to.<BR> remark -- It
is functionally identical to in-block-nb.<BR> permit tcp any 216.24.27.0
0.0.0.255 eq smtp<BR> permit tcp any any eq smtp syn
log-input<BR> permit tcp any any eq smtp<BR> deny tcp any
any range 135 139 log-input<BR> permit udp any eq netbios-ns host
216.24.27.3 eq domain<BR> permit udp any eq netbios-ns host 216.24.27.4 eq
domain<BR> permit udp any eq netbios-ns host 199.120.154.17 eq
domain<BR> permit udp host 216.24.27.3 eq domain any eq
netbios-ns<BR> permit udp host 216.24.27.4 eq domain any eq
netbios-ns<BR> permit udp host 199.120.154.17 eq domain any eq
netbios-ns<BR> deny udp any any eq
netbios-ns<BR> deny udp any any range 135 netbios-ss
log-input<BR> deny tcp any any eq 445
log-input<BR> deny udp any any eq 445 log-input<BR> permit
ip any any<BR>ip access-list extended
out-block-all-smtp-nb<BR> deny tcp any eq smtp any
log-input<BR> deny tcp any any range 135 139
log-input<BR> permit udp any eq netbios-ns host 216.24.27.3 eq
domain<BR> permit udp any eq netbios-ns host 216.24.27.4 eq
domain<BR> permit udp any eq netbios-ns host 199.120.154.17 eq
domain<BR> permit udp host 216.24.27.3 eq domain any eq
netbios-ns<BR> permit udp host 216.24.27.4 eq domain any eq
netbios-ns<BR> permit udp host 199.120.154.17 eq domain any eq
netbios-ns<BR> deny udp any any eq
netbios-ns<BR> deny udp any any range 135 netbios-ss
log-input<BR> deny tcp any any eq 445
log-input<BR> deny udp any any eq 445 log-input<BR> permit
ip any any<BR>ip access-list extended out-block-nb<BR> remark -- Same as
in-block-nb<BR> deny tcp any any range 135 139
log-input<BR> permit udp any eq netbios-ns host 216.24.27.3 eq
domain<BR> permit udp any eq netbios-ns host 216.24.27.4 eq
domain<BR> permit udp any eq netbios-ns host 199.120.154.17 eq
domain<BR> permit udp host 216.24.27.3 eq domain any eq
netbios-ns<BR> permit udp host 216.24.27.4 eq domain any eq
netbios-ns<BR> permit udp host 199.120.154.17 eq domain any eq
netbios-ns<BR> deny udp any any eq
netbios-ns<BR> deny udp any any range 135 netbios-ss
log-input<BR> deny tcp any any eq 445
log-input<BR> deny udp any any eq 445 log-input<BR> permit
ip any any<BR>ip access-list extended out-block-smtp-nb<BR> permit tcp
216.24.27.0 0.0.0.255 eq smtp any<BR> deny tcp any eq smtp any
log-input<BR> deny tcp any any range 135 139
log-input<BR> permit udp any eq netbios-ns host 216.24.27.3 eq
domain<BR> permit udp any eq netbios-ns host 216.24.27.4 eq
domain<BR> permit udp any eq netbios-ns host 199.120.154.17 eq
domain<BR> permit udp host 216.24.27.3 eq domain any eq
netbios-ns<BR> permit udp host 216.24.27.4 eq domain any eq
netbios-ns<BR> permit udp host 199.120.154.17 eq domain any eq
netbios-ns<BR> deny udp any any eq
netbios-ns<BR> deny udp any any range 135 netbios-ss
log-input<BR> deny tcp any any eq 445
log-input<BR> deny udp any any eq 445 log-input<BR> permit
ip any any<BR>ip access-list extended out-dangerously-allow-all<BR> permit
ip any any<BR>ip access-list extended out-permitlog-smtp<BR> permit tcp any
216.24.27.0 0.0.0.255 eq smtp<BR> permit tcp any any eq smtp
log-input<BR> deny tcp any any range 135 139
log-input<BR> permit udp any eq netbios-ns host 216.24.27.3 eq
domain<BR> permit udp any eq netbios-ns host 216.24.27.4 eq
domain<BR> permit udp any eq netbios-ns host 199.120.154.17 eq
domain<BR> permit udp host 216.24.27.3 eq domain any eq
netbios-ns<BR> permit udp host 216.24.27.4 eq domain any eq
netbios-ns<BR> permit udp host 199.120.154.17 eq domain any eq
netbios-ns<BR> deny udp any any eq
netbios-ns<BR> deny udp any any range 135 netbios-ss
log-input<BR> deny tcp any any eq 445
log-input<BR> deny udp any any eq 445 log-input<BR> permit
ip any any<BR>ip radius source-interface Loopback100<BR>logging source-interface
Loopback100<BR>!<BR>route-map ospf-redistrib permit 10<BR> match ip address
allow-our-nets<BR>!<BR>snmp-server trap-source Loopback100<BR>!<BR>radius-server
attribute nas-port format c<BR>radius-server dead-criteria tries
2<BR>radius-server host 216.24.27.201 auth-port 1645 acct-port
1646<BR>radius-server host 216.24.27.202 auth-port 1645 acct-port
1646<BR>radius-server host 216.24.27.203 auth-port 1645 acct-port
1646<BR>radius-server host 216.24.27.204 auth-port 1645 acct-port
1646<BR>radius-server host 216.24.27.205 auth-port 1645 acct-port
1646<BR>radius-server host 216.24.27.206 auth-port 1645 acct-port
1646<BR>radius-server host 216.24.27.207 auth-port 1645 acct-port
1646<BR>radius-server host 216.24.27.208 auth-port 1645 acct-port
1646<BR>radius-server host 216.24.27.209 auth-port 1645 acct-port
1646<BR>radius-server host 216.24.27.200 auth-port 1645 acct-port
1646<BR>radius-server retry method reorder<BR>radius-server transaction
max-tries 3<BR>radius-server retransmit 0<BR>radius-server timeout
3<BR>radius-server deadtime 2<BR>radius-server key m00c0w6809<BR>radius-server
vsa send accounting<BR>radius-server vsa send
authentication<BR>!<BR>!<BR>!<BR>!<BR>gatekeeper<BR> shutdown<BR>!<BR>!<BR>line
con 0<BR> stopbits 1<BR>line aux 0<BR> stopbits 1<BR>line vty 0
4<BR> exec-timeout 60 0<BR> logging synchronous<BR> transport
preferred none<BR> transport input telnet<BR>!<BR>!<BR>end</FONT></DIV>
<DIV><FONT face="Courier New" size=2></FONT> </DIV>
<DIV><FONT face="Courier New" size=2></FONT> </DIV>
<DIV><FONT face="Courier New" size=2></FONT> </DIV>
<DIV><FONT face="Courier New" size=2>--<BR>"The problem with our concept of mind
is that we confuse our own kind of self-awareness with thinking in general.
Self-awareness is an attribute of certain kinds of social animals. Why should a
mind be self-aware? It's enough it's world-aware. If it isn't socially connected
to other minds, it doesn't need social filters or self-modeling. It's
self-making, self-sufficient. It embodies and acts. A world-aware mind is just
one step closer to God than you and
I."<BR> -- Greg Bear,
"Slant"<BR></FONT></DIV></BODY></HTML>